Out of support This documentation supports the 8.0 version of BMC Atrium Single Sign-On, which is in "End of Version Support." However, the documentation is available for your convenience. You will not be able to leave comments.Click here to view the documentation for a supported version of Remedy Single Sign-On.

Converting from FIPS-140 to normal mode

Converting BMC Atrium Single Sign-On to operate in normal mode, (for example, without FIPS-140 cryptography) is the same process as converting the server to FIPS-140 mode, except the Java Virtual Machine (JVM) does not need to modified prior to triggering the conversion.

Note

Create a backup of the current server in case of a failure (hardware or software). If the server's configuration becomes corrupted, you can use the backup to restore the original configuration.

While converting from FIPS-140 to normal mode, be sure to monitor the conversion. See Monitoring normal mode conversion.

To convert to normal mode

  1. Shut down all integrated products.
     If possible, use a firewall to block external access to BMC Atrium Single Sign-On.
  2. Log on the Administrator console.
  3. Navigate to Configuration > Servers and Sites > <hostName> link > Security > Federal Information Processing Standards

    In this case, the <hostName> link is a hyperlink similar to:

    https://sample.bmc.com:8443/atriumsso
  4. De-select FIPS Mode.

  5. To commit the change, click Save

    Warning

    Once the configuration has been successfully saved, the conversion process is triggered in the background. This process cannot be interrupted. Do not stop BMC Atrium Single Sign-On, log on with another Administrator console, log off the current Administrator console, or initiate any other interactions with the server.

    This process usually takes around 10 to 20 seconds, depending upon the computer hardware.

  6. Ensure that a successful conversion message is posted. 

    Important

    Be sure that the background task validation process posts a successful conversion message before restoring the original encryption files and non-FIPS-140 library.

  7. Restore the original encryption files and non-FIPS140 library.
    1. Stop the BMC Atrium Single Sign-On server.
    2. Restore the strong encryption file.
    3. Restore the non-FIPS library.
    4. Restart BMC Atrium Single Sign-On.
    5. Verify that the server is properly operating in normal mode by viewing the BMC Atrium Single Sign-On log file (for example, atsso.0.log )

  8. Reconfigure integrated products to operate in normal mode. 

    Note

    All integrated products must be reconfigured to operate in normal mode. These integrated products cannot use BMC Atrium Single Sign-On for authentication until they are synchronized with BMC Atrium Single Sign-On.

 

Tip: For faster searching, add an asterisk to the end of your partial query. Example: cert*